RSS

How-To Geek

Note: This article is part of our archive and is likely out of date.
(Links may not work, downloads have not been recently tested for safety)

When you’re browsing away from home, be it on your smartphone, tablet, or laptop, how do you keep your browsing sessions secure? This week we’re interested in hearing all about your mobile security tips and tricks.

When you’re out and about you often, out of necessity or convenience, need to connect to open Wi-Fi hotspots and otherwise put your data out there in ways that you don’t when you’re at home. This week we want to hear about your tips, tricks, and applications for keeping your data secure and private when you’re away from your home network.

Sound off in the comments with your tips and then check back on Friday for the What You Said roundup.

Jason Fitzpatrick is a warranty-voiding DIYer who spends his days cracking opening cases and wrestling with code so you don't have to. If it can be modded, optimized, repurposed, or torn apart for fun he's interested (and probably already at the workbench taking it apart). You can follow him on Twitter if you'd like.

Comments (26)

I stay off of public wifi on my phone (we finally got LTE in my town) but when I’m using my PC from a hotel or such, I’ll ssh home and tunnel my browser traffic through that connection. It takes a small toll on performance, but performance from free wifi usually sucks horribly anyway, at least this way I’m not snooped on too.)

As for using my phone over LTE, I just use safe browsing habits but don’t do anything especially paranoid… I use Chrome on Android 4.0.2 (soon to be 4.0.4 if VZW ever releases their eternally “coming soon” update.)

Recently a bunch of us stayed at a high end resort down in Mexico. Internet was offered as a pay per device service at about $80/week/device. Considering we had about 12 wifi devices there among us(a few geeks), I decided to plan ahead. I setup a WRT54G as a WiFi client with a vpn back to my house and NAT. Setup a second one as a basic wireless access point with password and plugged it into the first.

Onsite we setup the devices and connected to the wireless with one paid account(tied to the MAC address). Everyone connected to the other device for wireless access and it was all tunnelled through my home network with encryption.

Next time, I will have a WAN side proxy to allow devices to get on the WiFi network, not register with the access gateway, and use the proxy as the default gateway. This way we can use the wireless anywhere on the resort, not just in our room.

Paranoid, not really(in Cuba I was paranoid). I’m just cheap, paranoid was a simple addon to cheap.

Personally I have a hosting account that gives me SSH access. I do a ‘ssh -D 4321 me@hostingprovider.com‘, set my proxy as SOCKS5 either in the browser or OS, and then double check things by hitting ipchicken.com or something similar. FoxyProxy in Firefox is invaluable IMHO for browser and domain specific proxying. YMMV.

I connect to my NAS – Synology VPN. Also i have alternate access via ssh (Tunneling).
You can setup a tunneling via SSH Using DDWRT or a VPN using Tomato.
Make sure you do this via an universal open port like 443 (Https port) (forward your port to your service)

The best way to accomplish this is to run OpenVPN on your router to make a secure VPN connection to your (presumably secure) network at home. Then use set up a proxy such as Privoxy on one of your home computers (ideally your home server or router if it has enough flash RAM). After that, configure your browser to use your proxy. I use the SwitchySharp plugin for chrome so that I can switch between my home proxy and a direct internet connection. Then, when browsing on an untrusted connection, just connect to your home using OpenVPN and enable your proxy.

I use Witopia. You can use with or without software. I use the software as I can easily choose the locaton and server I want or need to connect to. They also provide many protocols such as OpenVPN (SSL), PPTP, Cisco IPsec, and L2TP/IPsec.

If I can’t get either of those working, it is time to hit the hotel bar or watch some tube.

Out of 7 hotels I’ve stayed in the last 3 months, only 2 allowed any VPN/ssh access. Hotels are deploying invisible web proxies to prevent bandwidth hogs. These are not compatible with ssh or openVPN. I’m amazed at the number of fantastic hotels that don’t have in-room wifi too. I always bring a tiny, usb-powered, travel wifi router now.

I just don’t worry about it. The antimalware programs I have already installed (Avast, MBAM, Spybot, SAS, and Zone Alarm) should be enough to protect my netbook when away from home. I also apply a good dose of common sense (which I also do at home; if anything, I’m paranoid about what I let onto my computers, including cookies). I do run my scans more often when not on my own network unless I’m using a trusted network (such as the one I use when visiting a friend who has an IT tech for a husband).

These ^^ comments are all good with personal gadgets ……….. but what about accessing internet in a “Cyber Cafe” (for a tourist in a foreign country, with no wifi service in hotel)…………… how do you protect yourself from ‘spyware’, ‘key loggers’,etc………………….. ???????????/

I have tried tunneling home and VPNs, but I could never get over the performance issues. So, prior to the Sprint hotspot for smartphones, I tethered. Now, I use the hotspot when I need it. It’s $30 for the month, but if you don’t use it the whole month, Sprint only charges you for the days you used it. And you can secure it too so no one else can hitch a ride. If I am feeling particularly paranoid, I will use TOR as well. Performance is great, even outside of the Sprint service area (thanks roaming – the minimal charges are worth it when your job depends on it). I had AT&T for a while and they had a similar feature though a bit more expensive but still well worth it.

On a Mac I use a free program called Sidestep. Just enter in your SSH server credentials and it will automatically detect networks that do not use encryption and automatically setup the tunnel. I find it very useful since its not often that I use insecure WiFi and it does this automatically.

I have it setup to tunnel to my home SSH server. But any secure server will work with valid credentials.

I don’t bother about any special protection. What are they going to steal form me? University papers? The serial number of my “Yarrr!” Windows or “Yarrr!” music and games or the open source software I download? My computer has the most boring hard drive content ever. At least that scary person can share the peril of having Atheros Wifi card. I use it only for basic things and make sure that the drive is backed up and empty from special info anyways with a nice re-install every once in a while.

I use Bitvise WinSSHD server along with tunnelier, which is their SSH client.
It allows for seamless integration with the server and allows you to remotely control the server through tunnelier as well as open a console, SFTP window and Remote Desktop to the PC running the server software. And it allows you to forward your internet traffic through a SOCKS or HTTP Proxy, so surfing non sanctioned sites from work, just works! The only downside for those that only run linux/MAC, is that it’s Windows only.
I can tell that there is a bit a hit to the overall speed, but it’s not that bad at all. Video streaming from say you tube still runs smoothly! (Of course that is only if you have a decent connection)

Ditto what Micky said. I just use the portableapps.com application on my netbook. Here in South Africa, wifi is not widely available so I always use 3G mobile broadband. And firefox portable to browse, with the DoNotTrackPlus add-on activated. I feel seriously naked after reading previous comments.